Q: How can I connect to the MIT VPN using openconnect on Linux?

Answer

Use Official Cisco ClientsIS&T strongly recommends that you use the Cisco clients to connect to the VPN. They have been tested and should work on all supported operating systems. By visiting http://ist.mit.edu/cisco-anyconnect/all in your web browser, you can download and connect using the official Cisco AnyConnect Secure Mobility Client.

System Requirements

openconnect is only available in Ubuntu 9.10 (Karmic) and higher. We strongly urge you to use Ubuntu 10.04 (Lucid), as it contains the newest version of the openconnect client, which fixes a number of bugs from previous versions.

Network Manager

On current versions of Ubuntu Lucid, you must reboot the workstation after installing the network-manager-openconnect package. This is due to a bug in the package's configuration scripts. Failure to reboot will result in the misleading error "No VPN secrets" when attempting to connect to the VPN, and the login dialog box will not be displayed.

Be sure you have installed the network-manager-openconnect package and its dependencies.

All other settings should be left at their default values. Click Apply.

Click on the NetworkManager icon in the notification area, select VPN Connections, and then select the VPN connection you just configured.

After a moment, you should be prompted for your username and password (twice); the second password field expects a Duo code (if you are Duo-enabled), and the connection will be established.

To disconnect from the VPN, select the NetworkManager icon in the notification area, select VPN Connections, and then select Disconnect VPN...

Command-line

Be sure you have installed the openconnect and vpnc packages.

Become root.

Run openconnect -s /etc/vpnc/vpnc-script vpn.mit.edu
You will be prompted for your MIT username and password, and then the VPN client will connect.
Once connected, you will have an IP address that begins with 18.100

To disconnect, simply press Ctrl-C to end the openconnect program.

11.10 (oneiric ocelot) 64-bit Notes

We have tried this in 11.10 64-bit and it does work:

Install openconnect with the command sudo apt-get install network-manager-openconnect. From dash, run Network Connections. Create the vpn connection as described in the section above.

If this works, you get an extra tab in the Network Connections app that says "vpn". Then add and use the settings vpn.mit.edu and accept / save the certificate when you try to connect.

Note that the 32-bit installer (vpnsetup.sh) seems to work fine on 32-bit 11.10 - so use that as the first resort.

Ubuntu notes

Before extracting the tar.gz, you'll need to install two libraries:

sudo apt update && sudo apt install lib32z1 lib32ncurses5

After that, you should be able to extract and run the installer script.